[llvm] [Github] Add sudo to CI container (PR #122036)

Aiden Grossman via llvm-commits llvm-commits at lists.llvm.org
Tue Jan 7 17:34:49 PST 2025 

https://github.com/boomanaiden154 created https://github.com/llvm/llvm-project/pull/122036

This patch adds sudo to the CI container and also adds the gha user as a member of the sudo group along with making any member of the sudo group able to run commands as root without a password. This is primarily intended to enable installing new software through apt-get without having to rebuild the container.

>From 2e437d52394ed07236e5ec071ea69f9d4a36d3ad Mon Sep 17 00:00:00 2001
From: Aiden Grossman <aidengrossman at google.com>
Date: Wed, 8 Jan 2025 01:32:51 +0000
Subject: [PATCH] [Github] Add sudo to CI container

This patch adds sudo to the CI container and also adds the gha user as a
member of the sudo group along with making any member of the sudo group
able to run commands as root without a password. This is primarily
intended to enable installing new software through apt-get without having
to rebuild the container.
---
 .github/workflows/containers/github-action-ci/Dockerfile | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/.github/workflows/containers/github-action-ci/Dockerfile b/.github/workflows/containers/github-action-ci/Dockerfile
index 58355d261c43c9..d4e6cdcd70423a 100644
--- a/.github/workflows/containers/github-action-ci/Dockerfile
+++ b/.github/workflows/containers/github-action-ci/Dockerfile
@@ -57,6 +57,7 @@ RUN apt-get update && \
     nodejs \
     perl-modules \
     python3-psutil \
+    sudo \
 
     # These are needed by the premerge pipeline. Pip is used to install
     # dependent python packages and ccache is used for build caching. File and
@@ -73,5 +74,11 @@ ENV PATH=${LLVM_SYSROOT}/bin:${PATH}
 # permissions issues in some tests. Set the user id to 1001 as that is the
 # user id that Github Actions uses to perform the checkout action.
 RUN useradd gha -u 1001 -m -s /bin/bash
+
+# Also add the user to passwordless sudoers so that we can install software
+# later on without having to rebuild the container.
+RUN adduser gha sudo
+RUN echo '%sudo ALL=(ALL) NOPASSWD:ALL' >> /etc/sudoers
+
 USER gha

More information about the llvm-commits mailing list